The present disclosure generally relates to the field of analysis systems for analyzing biological samples and, in particular, to the control of analysis systems.
Laboratory devices, in particular analysis systems used for analyzing biological samples, must be closely controlled to ensure that the returned analysis results are correct. To an increasing degree, analysis systems are complex multi-component devices which need to be configured and maintained by specially trained personnel. In particular, the tasks such as configuring, maintaining and/or repairing analysis systems are often executed by external technical personnel such as, field service representatives (FSRs).
In order to prohibit non-expert users from accidentally modifying a well-established configuration of an analysis system and/or from triggering a function of the analysis system which may cause harm to the system or the analyzed samples, access to functions of an analysis system must be tightly controlled to ensure that sensitive configuration data and functions of an analysis system can only be accessed by a specially trained user. In a further aspect, access to Protected Health Information (PHI), for example, patient data created as a result of an analysis, by an unauthorized user (e.g. a FSR) needs to be prohibited.
In prior art systems, a centralized database comprises data indicative of the user(s) having access rights to one or more network-connected laboratory instruments. A problem of this approach is that many laboratory devices are not connected to the internet or an intranet and are therefore unsuited for a centralized, network-based authentication system.
Other laboratory devices relying on ‘prestored’ authentication data may selectively allow an authenticated user to access functions of the devices. Authentication data stored locally in a plurality of laboratory devices may be distributed over different laboratories or even different cities or countries. Thus, de-centrally storing authentication data tends to be highly inflexible and insecure. Centrally stored, static passwords may be hacked or illicitly passed to unauthorized persons. In the case a field representative or other technically skilled user leaves a company, it may be highly time consuming or even impossible to change the user's authentication data in all devices affected.
Therefore, there is a need for an improved method for controlling an analysis system involving an authentication of a user such as, for example, a non-standard user such as, a FSR, for example, who logs into the system only infrequently or in the event of a malfunction.